[wp-forums] A threat received

[Petit]

Handy wrote:
> On 5/17/06, Podz <podz at tamba2.org.uk> wrote:
>>
>> Handy wrote:
>> > Of for suck -- that bites.  Clueless Hosts thread sounds fun and a 
>> also
>> > sounds like it would turn into a "no they don't" - "yes they do" flame
>> > fest...
>>
>> Yup... exactly why it does not need starting.
>> I'm fairly confident that of all the code that needed tightening over
>> the life of WP that a webhost has (1) never found such a hole (2) never
>> proven a claim of theirs. That means a webhost has not yet - in
>> thousands of users - made a correct claim.
>>
>> "If your host genuinely believes that WordPress has a vulnerability that
>> they have discovered they owe it to the wider community to submit that
>> information - without delay - to security at wordpress.org. Until then,
>> it's entirely their problem."
>>
>>
>> Or something like that is what I'm happy to use.....
>>
>> P.
>
>
> I should copy and paste that...  seems like it would come in handy (no 
> pun
> intended).
Hear, hear. It's a really nicely condensed and clear statement/advice. 
Thanks Podz, let's use it.
I'm sure we can stand behind that. And if we are wrong, we'll find any 
bugs, which is a good thing too.
/Petit